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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (Currently Amended) A computer/network interface device comprising: 

a first external hardware interface for connection to external hardware, said first interface 
being physically disposed in said device for receiving data from a first zone in a first zone data 
format; 

means disposed within said device for processing said received data through performance 
of a cryptographic operation on at least a portion thereof; 

a second external hardware interface for connection to external hardware, said second 
interface being disposed in said device for sending said processed data to a second zone in a 
second zone data format; 

one of said interfaces being connectable to a host computer system; and 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to said second external hardware interface within said device. 

2. (Previously Presented) A computer/network interface device as in claim 1 further 
comprising: 

means disposed within said device arranged to convert said received data in said first 
zone data format into at least one data format other than said first zone data format prior to said 
data processing. 

3. (Previously Presented) A computer/network interface device as in claim 1 further 
comprising: 
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means disposed within said device arranged to transform the data format of said received 
data from said first zone at least twice prior to said data processing. 

4. (Previously Presented) A computer/network interface device as in claim 1 in 
which said first zone data format is packetized data, said device further comprising: 

means disposed within said device for reading at least one item of identification data 
from each packet; 

wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

5. (Previously Presented) A computer/network interface device as in claim 4 further 
comprising: 

a store located within said device for storing one or more rules, each rule being linked 
with at least one of item of identification data; wherein 

said processing means is arranged to process each packet in dependence upon the rule 
linked with the corresponding item(s) of identification data. 

6. (Currently Amended) A computer/network interface device as in claim 1 wherein 
one of the first and second external hardware interfaces is suitable for connection to said host 
such that the data format utilized by such a connected interface is one utilized by the host. 

7. (Currently Amended) A computer/network interface device as in claim 5, 
wherein one of the first and second external hardware interfaces is suitable for connection to said 
host such that the data format utilized by such a connected external hardware interface is one 
utilized by the host in which, in response to receiving at least one control packet including at 
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least an item of control identification data and control instructions through the other external 
hardware interface which is not connected to the host and reading said item of control 
identification data from a control packet, said processing means is arranged to change said rules 
in said store in dependence upon said corresponding control instructions. 

8. (Currently Amended) A computer/network interface device comprising: 

a first external hardware interface for connection to external hardware, said first interface 
being disposed in said device for receiving data from a first authorized party in a first data 
format; 

means disposed within said device for processing said received data through performance 
of a computational operation on at least a portion thereof; 

a second external hardware interface for connection to external hardware, said second 
interface being disposed in said device for sending said processed data to a second authorized 
party in a second data format; 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to said second external hardware interface within said device; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

9. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first external hardware interface for connection to external hardware, 
said first interface being disposed in said device from a first zone in a first zone data format; 
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processing said received data within said device through performance of a cryptographic 
operation on at least a portion thereof; 

passing said processed data within said device exclusively from said processing means to 
a second external hardware interface for connection to external hardware, said second interface 
being disposed in said device; 

one of said external hardware interfaces being connected to a host computer system; and 

sending said processed data from said second interface to a second zone in a second zone 
data format. 

10. (Previously Presented) A method of operating a computer/network interface 
device as in claim 9 further comprising: 

converting said received data within said device in said first zone data format into at least 
one further data format prior to said processing. 

1 1 . (Previously Presented) A method of operating a computer/network interface 
device as in claim 9 further comprising transforming, within said device, the data format of said 
received data from said first zone at least twice prior to said processing. 

12. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first external hardware interface of said device from a first authorized 
party external to said device in a first data format; 

processing said received data within said device through performance of a computational 
operation on at least a portion thereof; 
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passing said processed data within said device exclusively to a second external hardware 
interface of said device for connection to external hardware ; 

at least one of said external hardware interfaces being connected to a host computer 

system; 

sending said processed data from said second external hardware interface to a second 
authorized party in a second data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

13. (Currently Amended) A host/network interface apparatus comprising: 

a first external hardware port connectable for communication with said host using an 
internal data format used internally by said host; 

a second external hardware port connectable for communication with said network using 
a network data format; 

means disposed within said interface apparatus for processing data received from at least 
one of said external hardware p orts through performance of a cryptographic operation on at least 
a portion of said received data; and 

means disposed within said interface apparatus arranged to pass said processed data 
exclusively from said means for processing to the other of said external hardware ports. 

14. (Previously Presented) A host/network interface device as in claim 13 further 
comprising: 
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means disposed within said interface apparatus arranged to convert said received data in 
either said internal data format or said network data format into at least one data format other 
than said internal data format or network data format prior to said data processing. 

15. (Previously Presented) A host/network interface device as in claim 13 further 
comprising: 

means disposed within said interface apparatus arranged to transform the data format of 
said received data from said internal data format or network data format at least twice prior to 
said data processing. 

16. (Previously Presented) A host/network interface device as in claim 13 in which 
said internal data format or network data format is packetized data, said device further 
comprising: 

means disposed within said interface device for reading at least one item of identification 
data from each packet; 

wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

17. (Previously Presented) A host network interface device as in claim 16 further 
comprising: 

a store disposed within said interface device for storing one or more rules, each rule being 
linked with at least one of item of identification data; 

wherein said processing means is arranged to process each packet in dependence upon 
the rule linked with the corresponding item(s) of identification data. 
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18. (Currently Amended) A host/network interface device as in claim 17 in which, in 
response to receiving at least one control packet including at least an item of control 
identification data and control instructions through said second external hardware port and 
reading said item of control identification data from a control packet, said processing means is 
arranged to change said rules in said store in dependence upon said corresponding control 
instructions. 

19. (Currently Amended) A computer/network interface device comprising: 

a first external hardware port connectable to external hardware for receiving data from a 
first authorized party in a computer data format; 

a second external hardware port connectable to external hardware for sending processed 
data to a second authorized party in a network data format; 

means disposed within said device for processing data received from at least one of said 
external hardware ports through performance of a computational operation on at least a portion 
of said received data; and 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to the other of said external hardware ports; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

20. (Currently Amended) A method of operating a computer/network interface 
device comprising: 
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receiving data at a first external hardware port of the device from a first authorized party 
in a computer data format via external hardware connected to said first external hardware port ; 

processing said received computer data within said device through performance of a 
cryptographic operation on at least a portion thereof; 

passing said processed data exclusively from said processing means to a second external 
hardware port of the device connected to external hardware ; and 

sending said processed data from said second external hardware port to a second 
authorized party in a network data format. 

21. (Previously Presented) A method of operating a computer/network interface 
device as in claim 20 further comprising: 

converting, within said device, said received data in said computer data format into at 
least one further data format prior to said processing. 

22. (Previously Presented) A method of operating a computer/network interface 
device as in claim 20 further comprising transforming, within said device, the data format of said 
received data from said first authorized party at least twice prior to said processing. 

23. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first external hardware port of the device from a first authorized party 
in a computer data forma t via external hardware connected to said first external hardware port ; 

processing said received data in said device through performance of a computational 
operation on at least a portion thereof; 
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passing said processed data within said device exclusively to a second external hardware 
port of the device connected to external hardware ; 

sending said processed data from said second external hardware port to a second 
authorized party in a network data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

24. (Currently Amended) A host/network interface apparatus adapted to be plugged 
into a host, said apparatus comprising: 

a first external hardware port at aan external plug connector on an apparatus housing for 
communications with said host using an internal data formal used internally by said host; 

a second external hardware port at aan external plug connector on said apparatus housing 
for communications with said network using a network data format; 

means disposed within said housing for processing data received from at least one of said 
external hardware ports through performance of a cryptographic operation on at least a portion of 
said received data, said means for processing including self-contained cryptographic key data 
within said housing; and 

means disposed within said housing arranged to pass said processed data exclusively 
from said processing means to the other of said external hardware p orts. 
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